How to setup Two Factor Authentication in pgAdmin 4

January 15, 2023

Two-Factor Authentication (2FA) works by adding an additional layer of security to your online accounts. It requires an additional login credential - something you have - to gain account access, in addition to your password (something you know).

This feature is only available in Server Mode.

pgAdmin 4 supports two types of 2FA:

  1. Email Authentication

  2. Authenticator App (e.g: Google Authenticator)

Configure Two Factor Authentication

Configuring Two-factor Authentication for pgAdmin 4 requires editing config_local.py or config_system.py on the system where pgAdmin is installed in Server mode.

Read more at https://www.pgadmin.org/docs/pgadmin4/latest/config_py.html

You can copy the settings from the config.py file and modify the values for the following parameters:

Note: You can also force users to configure the two-factor authentication methods on login by setting MFA_FORCE_REGISTRATION parameter to True.

Setup Two Factor Authentication from pgAdmin 4 GUI

To setup Two factor authentication from pgAdmin 4 for a user you must click on Two-factor Authentication in the User menu in the right-top corner. It will list down all the supported multi-factor authentication methods.

Click the Setup button next to Email Authentication. Please follow the instructions provided:

Note: You must set the Mail server settings in config_local.py or config_system.py in order to use email as a two-factor authentication method. Read more about Mail server settings at https://www.pgadmin.org/docs/pgadmin4/latest/config_py.html

Setup using Authenticator App (e.g: Google Authenticator)

Click the Setup button next to the Authenticator App. Scan the QR code and enter the code from the authenticator app.

You will see the Delete button for the authentication method if it has already been configured. Clicking on the Delete button will deregister the authentication method for the current user.

Verifying the Configuration

Verify the setup by logging out and logging back in from the pgAdmin once the setup is complete. To authenticate, you can either use the Authenticator app or email authentication. It's not compulsory to set up both authentications, you can either set up one or the other.


Conclusion

Add an additional level of security to your pgAdmin accounts with the Two Factor Authentication feature in pgAdmin 4.

Share this

Relevant Blogs

Create an ERD in pgAdmin 4

The Entity-Relationship Diagram (ERD) tool is a database design tool that provides a graphical representation of database tables, columns, and inter-relationships. An ERD can give sufficient information for the database...
February 01, 2023

What’s New in Postgres 15: Webinar Highlights

Recently, EDB hosted an exciting webinar entitled “What’s New in Postgres 15,” which covered the development process for the latest version of PostgreSQL, as well as new features and benefits...
January 15, 2023

More Blogs

Psycopg2 to Psycopg3 migration in pgAdmin 4

Recently the Psycopg project released a major version, Psycopg3. pgAdmin 4 is immensely dependent on psycopg2 as it is being used as a database driver and the pgAdmin team decided...
January 15, 2023